The malware spotted by cybersecurity firm FireEye is one of the few examples of hacking tools designed to cause real-world harm rather than steal money or data.

It was found by FireEye's Mandiant team responding to an alert from an industrial customer after a compromise had been detected on its computers.

The malware was designed to manipulate the systems which provide emergency shutdown to prevent physical damage being caused if industrial processes go wrong.

FireEye stated that this was not evidence that such an attack was imminent as attackers often penetrate systems to retain the capability to launch such attacks in the future, without the intention of doing so.

FireEye said it has "not connected this activity to any actor we currently track" regarding Triton, however it assessed "with moderate confidence" that it was developed by "a nation state".

"The targeting of critical infrastructure as well as the attacker's persistence, lack of any clear monetary goal and the technical resources necessary to create the attack framework suggest a well-resourced nation state actor," the researchers said.

"The targeting of critical infrastructure to disrupt, degrade, or destroy systems is consistent with numerous attack and reconnaissance activities carried out globally by Russian, Iranian, North Korean, US, and Israeli nation state actors.

"Intrusions of this nature do not necessarily indicate an immediate intent to disrupt targeted systems, and may be preparation for a contingency."

FireEye did not name the organisation targeted, nor the region in which it was located.